Share your VPN Experience
Cisco has made changes for the Security exams by replacing the old CCSP with the new CCNP Security Certification with 4 modules: Secure, Firewall, IPS and VPN. In fact, the old CCSP and the new CCNP Security are very similar. Many candidates have requested us to put up materials for these new exams but it is a time-consuming work. In the mean time, we created the “Share your experience” for the VPN exam. We really hope anyone who read securitytut, 9tut, digitaltut, certprepare, networktut and voicetut contribute to these sections as your experience is invaluable for CCNP Security learners to complete their goals.
Please share with us your experience after taking the VPN 642-647 exam, your materials, the way you learned, your recommendations…
hi Sergi
your ans is wrong, the correct one is on the dump. the key word here is “parameters”
and crypto map is just for ACL (local/remote)
what if you want to tweek the IKE parameters under IPSec? then going to crypto map would not help.
So the correct ans is IPsec
cisco_Whiz is correct, it can be configured under Group Policy->Advance->AnyConnect Client->DPD
you can enable either or both
Gateway side Detection
Clinent side Detection
Please confirm if LAB and Hotspot coming in exam are same as in dumps?
Hello Syed did the exam today. Dumps for augies the 80 question one is valid passed with 895. For the simulation just like in the dump but after completion your are required also to test it from another laptop through a webbrowser and start the anyconnect option.
6 new question most were multiple choice. Other question was dealing with SSL asking which is NOT an option in establishing a connection between client and server, while the other was. Thats all can remember.Did any help let me know.
Which fileuse Cisco Any Connect
a) user.init
b) user.xml
c) user.html
d) ???
Any one have 642- 647 Quick reference guide , am planing to write the exam
please share – dxb8290@gmail.com
@null: Thanks, is there any issue with testing through laptop? also what about hotspot, as the questions given in hotspots do not have explanation.
R/g
Hello Syed
There is no issue with testing through laptop and hotspot are in the dump exactly like in exam .Have a video shows how to configure hotspots but does not explain . Need it let me know.
@Null: are you talking about the videos available on this forum for hotspot configuration?
pls also confirm if there are any wrong answers as I am appearing next week..
They didn’t show the test in video, can u please explain the test and testing result….
Yes am talking about that video about hotspot answers and simulation are the same like in exam all you need to know is how to get there. As far as i have studied the dumps it seems perfect to me.
Study this carefully and you will pass for sure.
For hotspot
http://www.mediafire.com/?z3shhbjxeg9ioni
for Simulation
http://www.mediafire.com/?03coysp68ijm6o9
you will be given a url through the sim Instructions to enter into the browser through the laptop. if you have completed the sim successfully a page appears. In the instruction you “will be given it tells you where to find the anyconnect option and you will be required to start it.” Very Simple do not worry.
I do not have any quick reference for vpn guide.
It is enough to pass the exam together with link for the hotpost and sim . Thats all you need.
@null: would be thankful if you can clarify following:
- ASDM version used in simulation in vce dumps is 6.0 but in video 6.3 has been used, coz in 6.0 anyconnect client option is not given..which version was given in actual exam?
- order of configuration is changed in vce dumps and video, which order should we use? starting from user configuration or from new profile as given in scenario?
- to test VPN we need to connect to laptop open web browser and enter URL, after that we will go to ssl vpn port->network access->start anyconnect right? what else we have to do after that?
for third question I mean how can we verify if VPN configuration is OK?
Not To sure which version was used. But through Sims instruction you will be told where to get the anyconnect option as was I.
I started with Creating ip address pool then Internal group policy then Connection Profile and lastly local user. As for the testing vpn in the sim Instruction after you start anyconnect that all that it is required. ACCESSing THE URL THROUGH THE LAPTOP AND START THE ANYCONNECT CONFIRMS THAT YOUR CONFIGURATIONS ARE OK
@null: Do we need to select group policy contractor as well in user configuration apart from locking? as this has not been done in VCE dumps but in simulation and not even required in scenario??
cleared with 926 marks yesterday..This dump is 100% valid…3-4 new questions with same lab and hotspot…Thank you all for you support specially ‘null’..completed my CCNP-security track
@syed
please let me know which dump was referred by you
please paste in the link here
Thanks
@syed, what are the labs and hotspots? where can i get those…. tnx a lot
@ Angry @ giantz
go through this is valid
http://www.examcollection.com/642-647.html
Hi guys,
The GNS3 is enough to practice lab?
Tks,
@ JV
Yes.
A user who establishes clientless ssl vpn session is presented with a webpage. The administrator has the option to customize the “look and feel” of the page. Which are the three components of the vpn customization editor ?(Choose Three)
A. Application Page
B. Login Page
C. Networking Page
D. Logout Page
E. Home Page
F. Portal Page
I got to different answers in P4S and VCE(80q).
P4S. B,E,F
VCE. B,D,F
I vote for VCE file cuz looks correct to me.
Any opinion on this ?
So that’s the case? Quite a reevaltion that is.
hi have any one have some video content for ccnp vpn like cbt nugget or ipexpert ..!! please let me know.!!!
Any one have the plan to give the VPN exam ?
me feb 1st week
Does anyone have a soft copy of the CCNP Security VPN 642-647 CBT or Train Video? or a link for a download?
Cheers
@Canada – hey VPN 642-647 videos are not yet started by CBT but u can try SNAA ASA/VPN 642-615 you will easily get that in torrent and that is also just 14 months old, it has some really good content can be used for CCNP Security VPN 642-647 and just for some shared private keys part can refer SNFA.. i am also refering the same videos.. !!
Best of luck …
and one more thing “CISCO CCNA LABS: CISCO FOR THE REAL WORLD” is the new cbt nugget series if any one get the link please let us know.. !
@Sanket… Thanks for the info. Only have VPN & IPS left to finish for my security track.
@Canada-
Great !! me too..!
Does anyone know if we can practice the lab/sim within the ASDM DEMO? I can not seem to get it to work. Has anyone come up with a way or steps to actually practice it? Or do we just watch the video for the steps and try it during the actual exam? ~Cheers
Clear Exam today. Examcollection dump is 100% valid…3-4 new questions with same lab and hotspot…Thank you all for you support .
Nevermind i got it working and well on my way.
Looking up NEW question: Lets get some discussion going.
3 new questions:
-Where is Dead Peer Detection configured?
I would assume under ~ crypto isakmp ~ so that would be your answer? Can anyone confirm or dispute this?
On-Demand DPD Configuration Example
The following example shows how to configure on-demand DPD messages. In this example, DPD messages will be sent every 60 seconds and every 5 seconds between retries if the peer does not respond:
Router(config)# crypto isakmp keepalive 60 5
Periodic DPD Configuration Example
The following example shows how to configure periodic DPD messages. In this example, DPD messages are to be sent at intervals of 10 seconds:
Router(config)# crypto isakmp keepalive 10 periodic
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-Which VPN Client menu is use check MD5 thumbprint? Under VPN Client/ Certificate Properties ~Can anyone confirm or dispute this?
Thumbprint—The MD5 and SHA-1 hash to the certificate’s complete contents. This provides a way to validate the certificate’s authenticity. For example, if you contact the issuing CA, you can use this identifier to verify that this is the correct certificate to use.
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/user/guide/vc6.html
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-The user moved from new_hire profile to another group profile. Which menu allows to liberate the IP address that was once assigned specifically to that new_hire user? ~ Not sure yet still researching
Does anyone know why examcollection.com doesn’t work?
could someoane send me 642-647 dumps at incepatorul123@YAHOO.COM. THANKS
Just finished taking the test and passed 9xx. All hail the Tut and all of those the contribute to this site the dump is valid. Remember if your going in, go BawlsDeep.
Cleared VPN 9xx Cisco.Testking.642-647.v2011-12-11.by.by.augies.80q still valid few new questions, lab was same as discussed here(any connect setup and verify) and 1 simlet same as in the 80q
New questions
1-Which VPN Client menu is use check MD5 thumbprint?
ans:Open the Certificates menu and choose View
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/win/user/guide/vc6.html
2.were is the keepalives on remote access vpn
>on server
>client
> both the devices <<<<scalability
>centralization
?
?
4.there were 2 csd questions i dont remember the exact question but it was regarding what is checked 1st if the csd is configured and you are trying to access the ASA.
Ans:do the csd nugget you can answer both.
https://supportforums.cisco.com/docs/DOC-1247#Q_How_do_I_configure_DAPs_to_use_Host_Scan_results
2.were is the keepalives on remote access vpn
>on server
>client
> both the devices <<<<< <<scalability
>centralization
?
?
pls chk this one not sure may be centralization
3. advantages of using certificates
scalablilty
centralization
?
?
is there any update ????????????